Appendix B: Licensing Conditions
The software licensing architecture governs the licensing condition of computers that are running Windows operating systems. This architecture has a policy engine built from a number of core Windows security technologies. It is designed to protect the code and the associated licensing condition from tampering or other malicious behavior.
The policy engine gets data from a set of cryptographically signed eXtensible rights Markup Language (XrML) license files. XrML is an industry-standard rights expression language that a number of Windows components use. License files define the rights and conditions of the installed edition of Windows. All licensing files and other data that the policy engine uses are digitally signed or encrypted by using keys that are chained to secure roots of trust with Microsoft.
Windows 7 and Windows Server 2008 R2 may be in one of four software licensing conditions: activated, grace, genuine, or notifications. The following sections describe these conditions, which reflect the status of the computer’s activation and genuine state, which dictates the user experience. Figure 6 illustrates these conditions.
When a computer is activated, users can access the full functionality of the operating system. A combination of licensing files and a set of policies (rights) granted as a result of the activation process defines the functionality for a Windows edition. Individual Windows components call software licensing application programming interfaces (APIs) to determine which rights are granted and adjust their functionality according to the response.
After installing a Windows 7 or Windows Server 2008 R2 operating system but before activating it, users can access the full functionality of the operating system for a limited time (the grace period). The length of a grace period is 30 days for either the client or server operating system. During this initial grace period, the operating system periodically notifies the user that the computer needs to be activated. Additionally, Windows can fall in to out-of-tolerance grace when the hardware changes significantly. The notifications are minimally intrusive and may not start at the beginning of the grace period, but they increase in frequency toward the end of the grace period.
The genuine state is not associated with the activation process. Instead, it is a condition determined by the online genuine validation service. When a user attempts to download or use a genuine-only feature, the online validation service checks the operating system of the requesting computer.
An operating system can have one of three genuine states:
Non-genuine. The computer has obtained a ticket from the online validation service indicating that it is not genuine.
Local genuine. The computer has not obtained a validation ticket.
Genuine. The computer has a ticket that is signed by Microsoft from the online validation service indicating that it is genuine.
The genuine license condition applies only to client versions of the Windows operating system. Initially, during the grace period, a computer running these Windows versions is always in a local genuine condition. A computer is never marked non-genuine until after it fails validation through the online validation service and receives a non-genuine ticket. Likewise, after a computer has a non-genuine status, it must successfully validate itself through the online validation service to receive a genuine ticket.
Although it is necessary for a computer to be activated to be considered genuine, the process of activation does not reset or clear a previous non-genuine status. As a result, to return a computer to a fully functional activated condition, it must be both activated and validated against the online validation service. For more information, see Genuine Microsoft Software http://go.microsoft.com/fwlink/?LinkId=151993 on the Microsoft Web site.
The purpose of the notifications-based experience is to differentiate between an activated (genuine) from an unlicensed (non-genuine) copy of Windows in a way that maintains computer functionality, such as logon, access to the familiar desktop, and so on. Reduced Functionality Mode (RFM) is not in Windows 7 or Windows Server 2008 R2. Instead, both operating systems have a notifications-based experience. This new notifications user experience means that computers that are not activated during their grace periods (initial activations and those that result from hardware changes) or that fail validation may provide the following user experience:
After logging on to the computer, users see a dialog box reminding them that Windows must be activated along with options to activate now or later. If users do not interact with this dialog box within two minutes, the logon process continues normally.
In the notifications state, Windows changes the desktop wallpaper to a solid black background, displays notifications in the notification area indicating the activation state, and displays dialog boxes showing actions that the user must take.
In the notifications state, users have access to the full functionality of the installed version of Windows, with the following features disabled:
A computer configured as a KMS host responds to KMS client requests with an error message that KMS has not been activated.
Windows Update downloads security and critical updates (optional updates are excluded).
Optional downloads requiring the online validation service—also referred to as genuine-gated downloads—are not available.
The computer must be activated for it to leave the notifications state.